Skip to content

Commit 7c6a6b6

Browse files
author
byeskille
committed
simple experiment html page
1 parent bec5519 commit 7c6a6b6

File tree

2 files changed

+3357
-0
lines changed

2 files changed

+3357
-0
lines changed

src/html/index.html

Lines changed: 285 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,285 @@
1+
<!DOCTYPE html>
2+
<html>
3+
<head>
4+
<link href="styles.css" rel="stylesheet">
5+
<title>TLS 1.3 experiment – tls13.byeskille.no</title>
6+
<style>
7+
body {
8+
font-family: Tahoma, Verdana, Arial, sans-serif;
9+
}
10+
</style>
11+
</head>
12+
<body>
13+
<div class="reportContent good" id="section_www_tls" style="display: block;">
14+
<h1>TLS 1.3 experiment - tls13.byeskille.no</h1>
15+
<p>If you see this page, a <a href="http://nginx.org/en/download.html">nginx</a> web server is successfully installed and
16+
working together with <a href="https://github.com/openssl/openssl/tree/tls1.3-draft-18">openssl 1.1.1-dev</a> supporting TLS 1.3 draft 18.</p>
17+
18+
<p>The experiment is running in a Docker container with nginx and openssl compiled from source by <a href="https://byeskille.no">Oyvind Bye Skille</a>.</p>
19+
20+
<table>
21+
<tbody>
22+
23+
<tr>
24+
<td class="label ttip"><span class="tip">Encryption protocol version determines what features are<br>
25+
available for negotiation between client and server.</span>Supported protocols
26+
</td>
27+
<td class="wrap"> <span class="cgood">TLS v1.3 (d18)</span>
28+
<br>
29+
<span class="cgood">TLS v1.2</span>
30+
<br>
31+
</td>
32+
</tr>
33+
34+
<tr>
35+
<td class="label ttip"><span class="tip">Servers should always enforce their own cipher<br>
36+
suite preference, as that is the only approach<br>
37+
that guarantees that the best possible suite is<br>
38+
selected.</span>Cipher
39+
suite preference
40+
</td>
41+
<td class="wrap"> <i class="fa fa-check good"></i> </td>
42+
</tr>
43+
<tr>
44+
<td class="label ttip"><span class="tip">Shows cipher suite configuration for this protocol version.</span>TLS v1.3 (d18)
45+
<br><span class="smallGrey">Server preference</span>
46+
</td>
47+
<td class="wrap">
48+
<span class="ttip"><span class="tip">
49+
Suite: TLS_CHACHA20_POLY1305_SHA256
50+
<br>
51+
Suite ID: 0x1303<br>
52+
Cipher name: CHACHA20
53+
<br>
54+
Cipher strength: 256 bits
55+
<br>
56+
Cipher mode: AEAD<br>
57+
Forward secrecy: Yes<br>
58+
PRF: SHA256<br>
59+
</span>
60+
<span class="cgood">TLS_CHACHA20_POLY1305_SHA256</span>
61+
</span>
62+
<span class="smallGrey">
63+
&nbsp;256 bits
64+
</span><br>
65+
<span class="ttip"><span class="tip">
66+
Suite: TLS_AES_128_GCM_SHA256
67+
<br>
68+
Suite ID: 0x1301<br>
69+
Cipher name: AES
70+
<br>
71+
Cipher strength: 128 bits
72+
<br>
73+
Cipher block size: 128 bits
74+
<br>
75+
Cipher mode: AEAD<br>
76+
Forward secrecy: Yes<br>
77+
PRF: SHA256<br>
78+
</span>
79+
<span class="cgood">TLS_AES_128_GCM_SHA256</span>
80+
</span>
81+
<span class="smallGrey">
82+
&nbsp;128 bits
83+
</span><br>
84+
<span class="ttip"><span class="tip">
85+
Suite: TLS_AES_256_GCM_SHA384
86+
<br>
87+
Suite ID: 0x1302<br>
88+
Cipher name: AES
89+
<br>
90+
Cipher strength: 256 bits
91+
<br>
92+
Cipher block size: 128 bits
93+
<br>
94+
Cipher mode: AEAD<br>
95+
Forward secrecy: Yes<br>
96+
PRF: SHA384<br>
97+
</span>
98+
<span class="cgood">TLS_AES_256_GCM_SHA384</span>
99+
</span>
100+
<span class="smallGrey">
101+
&nbsp;256 bits
102+
</span><br>
103+
</td>
104+
</tr>
105+
<tr>
106+
<td class="label ttip"><span class="tip">Shows cipher suite configuration for this protocol version.</span>TLS v1.2
107+
<br><span class="smallGrey">Server preference</span>
108+
</td>
109+
<td class="wrap">
110+
<span class="ttip"><span class="tip">
111+
Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
112+
<br>
113+
Suite ID: 0xc02c<br>
114+
Cipher name: AES
115+
<br>
116+
Cipher strength: 256 bits
117+
<br>
118+
Cipher block size: 128 bits
119+
<br>
120+
Cipher mode: AEAD<br>
121+
Key exchange: ECDHE_ECDSA<br>
122+
Key exchange strength: EC ecdh_x25519 (256 bits)
123+
<br>
124+
Forward secrecy: Yes<br>
125+
PRF: SHA384<br>
126+
</span>
127+
<span class="cgood">TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</span>
128+
</span>
129+
<span class="smallGrey">
130+
&nbsp;256 bits
131+
(ECDHE 256 bits)
132+
</span><br>
133+
<span class="ttip"><span class="tip">
134+
Suite: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
135+
<br>
136+
Suite ID: 0xcca9<br>
137+
Cipher name: CHACHA20
138+
<br>
139+
Cipher strength: 256 bits
140+
<br>
141+
Cipher mode: AEAD<br>
142+
Key exchange: ECDHE_ECDSA<br>
143+
Key exchange strength: EC ecdh_x25519 (256 bits)
144+
<br>
145+
Forward secrecy: Yes<br>
146+
PRF: SHA256<br>
147+
</span>
148+
<span class="cgood">TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256</span>
149+
</span>
150+
<span class="smallGrey">
151+
&nbsp;256 bits
152+
(ECDHE 256 bits)
153+
</span><br>
154+
<span class="ttip"><span class="tip">
155+
Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
156+
<br>
157+
Suite ID: 0xc02b<br>
158+
Cipher name: AES
159+
<br>
160+
Cipher strength: 128 bits
161+
<br>
162+
Cipher block size: 128 bits
163+
<br>
164+
Cipher mode: AEAD<br>
165+
Key exchange: ECDHE_ECDSA<br>
166+
Key exchange strength: EC ecdh_x25519 (256 bits)
167+
<br>
168+
Forward secrecy: Yes<br>
169+
PRF: SHA256<br>
170+
</span>
171+
<span class="cgood">TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</span>
172+
</span>
173+
<span class="smallGrey">
174+
&nbsp;128 bits
175+
(ECDHE 256 bits)
176+
</span><br>
177+
<span class="ttip"><span class="tip">
178+
Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
179+
<br>
180+
Suite ID: 0xc024<br>
181+
Cipher name: AES
182+
<br>
183+
Cipher strength: 256 bits
184+
<br>
185+
Cipher block size: 128 bits
186+
<br>
187+
Cipher mode: CBC<br>
188+
Key exchange: ECDHE_ECDSA<br>
189+
Key exchange strength: EC ecdh_x25519 (256 bits)
190+
<br>
191+
Forward secrecy: Yes<br>
192+
PRF: SHA384<br>
193+
</span>
194+
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
195+
</span>
196+
<span class="smallGrey">
197+
&nbsp;256 bits
198+
(ECDHE 256 bits)
199+
</span><br>
200+
<span class="ttip"><span class="tip">
201+
Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
202+
<br>
203+
Suite ID: 0xc023<br>
204+
Cipher name: AES
205+
<br>
206+
Cipher strength: 128 bits
207+
<br>
208+
Cipher block size: 128 bits
209+
<br>
210+
Cipher mode: CBC<br>
211+
Key exchange: ECDHE_ECDSA<br>
212+
Key exchange strength: EC ecdh_x25519 (256 bits)
213+
<br>
214+
Forward secrecy: Yes<br>
215+
PRF: SHA256<br>
216+
</span>
217+
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
218+
</span>
219+
<span class="smallGrey">
220+
&nbsp;128 bits
221+
(ECDHE 256 bits)
222+
</span><br>
223+
<span class="ttip"><span class="tip">
224+
Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
225+
<br>
226+
Suite ID: 0xc00a<br>
227+
Cipher name: AES
228+
<br>
229+
Cipher strength: 256 bits
230+
<br>
231+
Cipher block size: 128 bits
232+
<br>
233+
Cipher mode: CBC<br>
234+
Key exchange: ECDHE_ECDSA<br>
235+
Key exchange strength: EC ecdh_x25519 (256 bits)
236+
<br>
237+
Forward secrecy: Yes<br>
238+
PRF: SHA<br>
239+
</span>
240+
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
241+
</span>
242+
<span class="smallGrey">
243+
&nbsp;256 bits
244+
(ECDHE 256 bits)
245+
</span><br>
246+
<span class="ttip"><span class="tip">
247+
Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
248+
<br>
249+
Suite ID: 0xc009<br>
250+
Cipher name: AES
251+
<br>
252+
Cipher strength: 128 bits
253+
<br>
254+
Cipher block size: 128 bits
255+
<br>
256+
Cipher mode: CBC<br>
257+
Key exchange: ECDHE_ECDSA<br>
258+
Key exchange strength: EC ecdh_x25519 (256 bits)
259+
<br>
260+
Forward secrecy: Yes<br>
261+
PRF: SHA<br>
262+
</span>
263+
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
264+
</span>
265+
<span class="smallGrey">
266+
&nbsp;128 bits
267+
(ECDHE 256 bits)
268+
</span><br>
269+
</td>
270+
</tr>
271+
272+
</tbody>
273+
</table>
274+
275+
<p>The table above originates from the <a href="https://www.hardenize.com">Hardenize</a> test tool.</p>
276+
277+
<p>The Dockerfile will shared in this Github repo eventually
278+
<a href="https://github.com/byeskille/nginx-tls13-docker">nginx-tls13-docker</a>.<br/>
279+
Questions can be sent to
280+
<a href="https://byeskille.no/kontakt">Oyvind Bye Skille</a>.</p>
281+
282+
<p><em>Thanks for your visit!</em></p>
283+
</div>
284+
</body>
285+
</html>

0 commit comments

Comments
 (0)